How to get rid of OpenSSL::SSL::SSLError

Question

I am trying to authenticate users with Facebook using OmniAuth. Initially, it was working, but along the way it just stopped working and started to give me this error message:

OpenSSL::SSL::SSLError SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed

The same code works well for Twitter and I can't seem to understand why it doesn't work for Facebook. I have looked online for help, but I haven't been successful.

This is the link to the website I am building: http://www.bestizz.com/
And this url would give you the error message: http://www.bestizz.com/auth/facebook

Answer 1

Ruby cannot find any root certificates. Here is an option for debugging purposes. Put following code at the begining of your script:

   require 'openssl'    OpenSSL::SSL::VERIFY_PEER = OpenSSL::SSL::VERIFY_NONE 

Answer 2

Add the following code to config/initializers/fix_ssl.rb

require 'open-uri' require 'net/https'  module Net   class HTTP     alias_method :original_use_ssl=, :use_ssl=      def use_ssl=(flag)       self.ca_file = "/etc/pki/tls/certs/ca-bundle.crt"  # for Centos/Redhat       self.verify_mode = OpenSSL::SSL::VERIFY_PEER       self.original_use_ssl = flag     end   end end 

Note:

Many operating systems already come with a supplied certificate bundle. For example in Red Hat Enterprise Linux and CentOS it's installed in:

/etc/pki/tls/certs/ca-bundle.crt 

For Ubuntu its at:

/etc/ssl/certs/ca-certificates.crt